On Twitter, the hacker group said it used pilfered credit card numbers to make donations totaling $1 million. Though Stratfor’s client list includes the likes of Apple, the U.S. Air Force and Miami Police Department, the donations were made on the credit cards of individuals, such as Allen Barr of Austin, recently retired from the Texas Department of Banking. In response, Stratfor said it’s suspended its servers and email.

“Not so private and secret anymore?” the group taunted on Twitter. It said it plans to attack other security companies.

According to the Associated Press, several people whose credit cards had been used were not aware of it until reporters called them.

It’s true that websites are like storefronts, and that it’s more or less impossible to stop determined people from blocking or defacing them now and again.

Here, however, it looks like Stratfor left private files in the window display, waiting to be grabbed by the first guy to put a brick through the glass.

Stratfor, which has taken to communicating via Facebook while its website is down, said Monday that some victims who have spoken out about it could be targeted a second time. According to an Associated Press story in The Washington Post, some clients and supporters supporters “are at risk of having sensitive information repeatedly published on other websites.”